| Title | Sourcecodester Online Clothing Store 1.0 SQL Injection |
|---|
| Description | A SQL Injection vulnerability has been identified in Sourcecodester Online Clothing Store 1.0. The vulnerability affects the authentication functionality implemented in /index.php. Insufficient sanitization of user-supplied input in the username parameter allows manipulation of backend SQL queries. Successful exploitation may result in authentication bypass and unauthorized administrative access without valid credentials. An attacker can leverage this issue to gain elevated privileges and perform unauthorized actions within the administrative interface, potentially compromising the confidentiality and integrity of the application. |
|---|
| Source | ⚠️ https://medium.com/@hemantrajbhati5555/sql-injection-leading-to-administrator-authentication-bypass-f82de3a370a6 |
|---|
| User | Hemant Raj Bhati (UID 95613) |
|---|
| Submission | 06/11/2026 20:23 (1 month ago) |
|---|
| Moderation | 07/14/2026 12:46 (1 month later) |
|---|
| Status | Duplicate |
|---|
| VulDB entry | 165082 [SourceCodester/code-projects Online Clothing Store 1.0 login.php txtUserName sql injection] |
|---|
| Points | 0 |
|---|